Wired Intelligent Edge (Campus Switching and Routing)

Reply
Highlighted
Aruba Employee

ArubaOS-CX as an NTP Time Server

ArubaOS-CX 10.02 introduced the capability to act as a server for NTP, also known as NTP master.

 

ArubaOS-CX NTP Client Config
Check the existing NTP client config on the CX switch. (In the example below, the Windows server 10.2.10.2 is not responding to NTP.)

ntp server 10.2.10.2
ntp server 10.2.10.3
ntp enable
ntp vrf mgmt

8320-upper# sh ntp associations
----------------------------------------------------------------------
ID NAME REMOTE REF-ID ST LAST POLL REACH
----------------------------------------------------------------------
1 10.2.10.2 10.2.10.2 .INIT. 16 - 1024 0
* 2 10.2.10.3 10.2.10.3 16.110.135.123 3 997 1024 377
----------------------------------------------------------------------

 

ArubaOS-CX NTP Server Config

NTP master is enabled by default, with no settings.

8320-upper# sh ntp master

NTP Master Status : Enabled

-----------
VRF Stratum
-----------

To complete the config, add the extra parameters to the config (from the primary if in a VSX cluster):

ntp master vrf default stratum 3

If you are running this in a VSX cluster, the ntp master line will be synchronised to the secondary switch.

8320-lower# sh run | in ntp
ntp server 10.2.10.2
ntp server 10.2.10.3
ntp enable
ntp vrf mgmt
ntp master vrf default stratum 3

 

Config for ArubaOS-Switch (also ProCurve)
I have added the loopback addresses of both 8320 switches in the VSX cluster. The VLAN interface IPs also work (eg 10.80.32.7 and 10.80.32.8).

timesync ntp
ntp unicast
ntp server 10.80.255.7
ntp server 10.80.255.8
ntp enable

My timezone settings for Sydney Australia:

time daylight-time-rule user-defined begin-date 10/01 end-date 04/01
time timezone 600

 

3500in8xxx(config)# sh ntp associations

NTP Associations Entries


Remote St T When Poll Reach Delay Offset Dispersion
--------------- ---- ---- ------ ----- -------- -------- -------- ----------
10.80.255.7 4 u 75 10 3 0.000 0.000 15.87588
10.80.255.8 4 u 75 10 3 0.000 0.000 15.87552

 

Other Notes
NTP master is not a virtualized function on ArubaOS-CX. The virtual IP address will not work if you try and use it. 10.80.32.1 is the virtual IP address in this example. Note that it is set to Stratum 16 - this never changes.

3500in8xxx(config)# sh ntp associations

NTP Associations Entries


Remote St T When Poll Reach Delay Offset Dispersion
--------------- ---- ---- ------ ----- -------- -------- -------- ----------
10.80.32.1 16 75 17 0 0.000 0.000 15.93835

NTP authentication isn't currently supported with the OS-CX device acting as server/master.



Richard Litchfield, HPE Aruba
Consulting System Engineer
Network Ambassador
Frequent Contributor II

Re: ArubaOS-CX as an NTP Time Server

Is NTP Master supported i.c.m with Active-Gateway?

 

My ntp clients seems to communiate only with the real interface IP's and not the active gateway IP



- - - - Aruba ACCX #748, ACDX #758, ACMP, ACEAP | HPE Master ASE - - - -
- - - - - - - Feel free to give kudos or accept as a solution! - - - - - - - - -
Frequent Contributor II

Re: ArubaOS-CX as an NTP Time Server

I just got a message from TAC, saying it is not possible. Below a good explanation from TAC:

 

 

"This is possible to source NTP traffic from the active-gateway Virtual IP, It is inappropriate as the logic behind this Virtual IP is purely for ARP scope. Indeed, as this is not a protocol based VIP (like VRRP), there is no guarantee that for a handshake communication between the NTP server and the NTP client the return packet will go through the same CX node.

Say the NTP communication is initiated by VSX primary with VIP, there is a possibility that packet might comes back through VSX secondary which will handle the received packet as hosting the destination IP, but which will be out-of-sync for NTP protocol as not sourcing this request sequence."

 

 



- - - - Aruba ACCX #748, ACDX #758, ACMP, ACEAP | HPE Master ASE - - - -
- - - - - - - Feel free to give kudos or accept as a solution! - - - - - - - - -
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: